Privacy and Security

Effective Date: 3/18/15

TRUSTe Web Privacy Seal

Bill.com has received TRUSTe's Privacy Seal signifying that this privacy statement and our practices have been reviewed for compliance with the TRUSTe program viewable on the validation page available by clicking the TRUSTe seal.

If you have questions or concerns regarding this statement, you should first contact support. You can also reach Bill.com Customer Support by telephone at 1.866.989.BILL (2455) or by mail at 1810 Embarcadero, Palo Alto, California 94303. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact TRUSTe at https://feedback-form.truste.com/watchdog/request.

The TRUSTe program covers only information that is collected through this website bill.com, and does not cover the mobile application or information that may be collected through software downloaded from the website.

What Information Bill.com Collects, and How It Is Used

This privacy policy applies to the collection, use and disclosure of personal information we receive from users of Bill.com (the “website”) and our accounts payable and accounts receivable services offered through the website and via our mobile application (“app”).

Account Information. When you sign up for us to provide Bill.com's services, our website asks you to choose a username and password and to provide various types of information, some of it relating to the corporate entity on behalf of which you will be using Bill.com, some of it related to individuals. Some of the latter is personally identifiable information (PII) about:

you, either in your personal capacity or in your role of administering a Bill.com account for a corporate entity;

The names, work phone numbers and work email addresses of your employees who will be using the website and services.

A credit card to pay for your subscription to Bill.com.

Your company's bank account details if you elect to use Bill.com's payment service. Bill.com will use those details and other information collected about you to verify your identity and your company's creditworthiness.

If you enroll an individual on Bill.com, we will ask that person to provide a name and email address and to choose a password. In addition, if you elect to use Bill.com’s payment service or receivables service, we will ask each of your pertinent vendors and customers, respectively, whom you enroll to provide the same various types of information about it and its pertinent employees as we asked you to provide to us about your company and your pertinent employees (see bulleted lists in the preceding paragraph). This privacy policy is presented to each enrolled individual and entity online at the time he, she or it is about to enter into the Terms of Service for using Bill.com.

Bill.com also asks you to provide information about how to contact you not only by email but also by telephone and fax. We will use this information to provide you with updated information and service your account in other ways. We may also use this information to contact you about additional products or services that may be of interest to you. You will have an opportunity to "opt out" of such offers in the future, if you so choose, by following the instructions set forth in the offer that we send you.

If you sign up your accountant, he or she may use Bill.com to process payables and receivables for you. Accordingly, your accountant, on your behalf, will be able to enter your PII of the types described above. Bill.com will use this information for the purposes of verifying identity and creditworthiness, as also described above. When you send emails or otherwise communicate with Bill.com, we may retain those communications to process your requests and inquiries and improve the quality of our Site.

Information Collected Using Tracking Technologies We Place. We use tracking technology such as cookies, scripts, and tags to keep track of who visits our website. A cookie is an element of data that a website can send to your browser, which may then store it on your system. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. If you do not accept cookies from Bill.com, you will not be able to use our website. Usage of a cookie is in no way linked to any PII while on our website.

In addition to cookies, we collect the following information from all visitors to our website: the name of the domain through which you access the internet; the date and time you access our website; the internet address from which you linked to our website; and the individual address of the computer you used to access our website. We use this information in the aggregate to administer our website, to help diagnose and troubleshoot potential server malfunctions, and to gather broad demographic information about usage of our website.

Tracking Technologies Placed by Third Parties. The use of third party cookies, local storage (HTML 5), beacons, scripts, and tags by our partners, affiliates, tracking utility company and service providers is not covered by this privacy policy. We do not have access or control over these tracking technologies. Our partners, affiliates, tracking utility company and service providers use these tracking technologies to store and collect information in order to make it easier for you to navigate our website, to provide certain features on our website, or to display advertising based upon your web browsing activities. Various browsers may offer their own management tools for removing local storage (HTML 5).

We partner with a third party to either display advertising on our website or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this website and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here. Please note this does not opt you out of being served ads. You will continue to receive generic ads.

Non-PII. We may also collect other information as part of the registration and personalization process (e.g., zip code and individual preferences). Certain non-identifying information would be considered a part of your PII if it were combined with other identifiers (e.g., combining your zip code with your street address) in a way that enables you to be identified. However, the same pieces of information are considered non-identifying information when they are taken alone or combined only with other non-identifying information (e.g., your viewing preferences). We may combine your PII with non-identifying information and aggregate it with information collected from other users to attempt to provide you with a better experience, to improve the quality and value of the website and to analyze and understand how the website is used.

Bill.com does not share, rent, or trade PII with third parties for their promotional purposes.

How Information May Be Shared

We will only share personal information with third parties in the ways that are described in the privacy policy.

Service Providers. We share your PII with third parties as needed to maintain, support and operate the website and to perform website-related services (e.g., maintenance services, database management, web analytics and improvement of the website's features) and to assist us in analyzing how our website is used. These third parties have access to your PII only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. We may also provide PII to our business partners or other trusted entities for the purpose of providing you with information we believe will be of interest to you.

Compliance with Laws and Law Enforcement. Bill.com cooperates with government and law enforcement officials or private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of Bill.com or a third party, to protect the safety of the public or any person, or to prevent or stop any illegal, unethical or legally actionable activity.

Business Transfers/Transactions. Information, including PII, that we collect from our users is considered to be a business asset. As a result, if we go out of business or enter bankruptcy or if we are acquired as a result of a transaction such as a merger, acquisition, reorganization or asset sale, your PII may be disclosed, sold or transferred to the third-party acquirer in connection with the transaction.

Aggregate Information and Non-Identifying Information. We may share aggregated information which does not include PII and we may otherwise disclose non-identifying information and log data with third parties for industry analysis, demographic profiling and other purposes. Any such aggregated information will not contain your PII.

Bill.com payment network. As part of the Bill.com service you may optionally allow us to share information with your vendors and/or customers. This information includes your company’s address, phone number, website URL/link, name and email address of each user managing the account; and this information may also include similar business data and/or transactional information, such as bills, invoices and payment data. You can control how much information is shared, respectively, with other Bill.com customers and the public, as described in more detail in “Your Profile Visibility – Three Choices” immediately below.

The Bill.com website enables you to update, correct, and delete/remove PII regarding you, your employees and your accountant at any time. The website also permits you to cancel our service at any time. If you have further concerns about how Bill.com stores or uses PII, please contact us at support@hq.bill.com.

Your Profile Visibility – Three Choices

As described and displayed in more detail at Network Profile Visibility Settings, your profile, i.e., where you'll display your business contact information, your logo and more, is how you are represented on the internet and/or within the Bill.com network of customers and vendors (“Network”).

You can also control your profile visibility by choosing one of the three different setting options described below:

1) Public

Bill.com offers a “Public” profile feature that allows you to publish portions of your Bill.com Network profile to the public Internet. This Public profile will be indexed and displayed through Internet search engines when someone searches for your company’s name. Then the web surfer will know it can connect with you to send and/or receive electronic payments via Bill.com.

You may choose the parts of your profile that get indexed and displayed on the public Internet or completely opt out of this feature in your Bill.com Network Profile settings. However, third-party search engines may not automatically update their caches, which may contain old public profile information.

If you choose the “Public” option:

Your profile, including your custom Network profile URL, will be shareable with, and available to anyone, including those:

other Bill.com members logged into the Bill.com Network (see “Limited” and “Private” below); and

also on the public internet, including web surfers/searchers who are not logged into the Bill.com Network and who may not yet be Bill.com users.

You will have some control over how much of your business information is displayed through the service functionality. Note, though, that:

At a minimum (by default), the following information will always be displayed:

Company Name

Company Logo (if provided)

Date Joined Bill.com

Number of Bill.com connections

Bill.com Payment Network ID

At your option, the following additional information can be displayed:

Company Address

Phone Number

“About” – Description of the business

IMPORTANT: REMEMBER: If the home address, cell phone number and/or home phone number for you and/or another individual is used in any of the above categories and you choose the “Public” profile option, then all such address and phone information will be available publicly as part of your profile.

2) Limited (one of our two “in-Network” options)

Alternatively, Bill.com offers a “Limited” profile feature, which enables only other Bill.com members who are logged into the Bill.com network to search for your profile. However, non-Bill.com members will not be able to search for your profile.

If you choose the “Limited” option:

You will have some control over how much of your business information is displayed through the service functionality. Note, though, that:

At a minimum (by default), the following information will always be displayed in a result of a search run by another Bill.com member and in a “recommendation” that Bill.com proactively generates for another member:

Company Name

Company Logo (if provided)

Date Joined Bill.com

Number of Bill.com connections

Bill.com Payment Network ID

Username and email address of the user managing the account

Company Address

Phone Number

“About” – Description of the business (if provided)

IMPORTANT: REMEMBER: If the home address, cell phone number and/or home phone number for you and/or another individual is used in any of the above categories and you choose the “Limited” profile option, then all such address and phone information will be available to other Bill.com members as part of your profile.

3) Private (the other of our two “in-Network” options)

If you choose the “Private” option:

By default, your company profile will not be searchable, even by Bill.com members logged into the Bill.com network.

Your profile will only be visible to those logged-in Bill.com members with whom you have shared your Bill.com Payment Network ID.

Links to Other Sites

The website may provide links to other sites. If you choose to visit another site by "clicking on" an external link, you will be directed to that party's site. We may track whether these links have been followed to improve the quality of the website and Bill.com's partnership activities. The fact that we link to another site is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party sites. These other sites may place their own cookies or other files on your computer, collect data or solicit PII from you. This privacy policy addresses the use and disclosure of information that we collect from you through this website. Other sites follow different rules regarding the use or disclosure of the PII you submit to them. We encourage you to read the privacy policies or statements of the other sites you visit.

Social Media Widgets

Our Site includes social media features, such as the Facebook Like button and widgets, such as the Share this button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy policy of the company providing it.

Import Contacts

You can import contacts from your Outlook or other email account address book to invite them to become members of our site. We collect the username and password for the email account you wish to import your contacts from and will only use it for that purpose.

Forum

Bill.com offers publicly accessible community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at support@hq.bill.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.

Referrals

If you choose to use our referral service to tell a friend about our site, we will ask you for your friend’s name and email address. We will automatically send your friend a one-time email inviting him or her to visit the website. Bill.com stores this information for the sole purpose of sending this one-time email and tracking the success of our referral program.

Your friend may contact us at support@hq.bill.com to request that we remove this information from our database.

Data Retention

We will retain and use your information in accordance with our internal retention, archiving and back-up regimens, including as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.

Modifying Your Information; Cancelling Your Account

The Bill.com website enables you to update, correct, and delete/remove PII regarding you, your employees and your accountant at any time on the website. The website also permits you to cancel our service at any time. If you have any concerns about how Bill.com stores or uses PII, please contact us at support@hq.bill.com.

International Transfer

Your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, Bill.com transfers PII to the United States for processing. Your submission of such information represents your consent to that transfer.

Our Policy Toward Children

This website is intended for business-to-business use and is not directed to children under the age of 18. If a parent becomes aware that his or her child has provided us with PII without parental consent, he or she should contact us at support@hq.bill.com. If we become aware that a child under the age of 13 has provided us with PII, we will delete such information from our files.

Testimonials

On our website, we post customer testimonials that may contain PII such as the customer's name. Prior to posting, we do obtain the customer's consent to post his or her name accompanying the testimonial. If you wish to update or delete a testimonial, you can contact us at support@hq.bill.com.

Changes to This Privacy Policy

If we decide to change our privacy policy, we will post those changes to this privacy policy page, the home page, and other places we deem appropriate, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

We reserve the right to modify this privacy statement at any time, so please review it frequently. If we make material changes to this policy, we will notify you here, by email, or by means of a notice on our home page prior to the change becoming effective.

Bill.com Data Security

Bill.com is committed to protecting the security and privacy of your information. We know that information regarding you and your company is extremely important and confidential. Bill.com uses reasonable measures – consistent with industry standard practices – as well as some advanced security and process controls designed to ensure that the security, confidentiality, integrity and availability of your data are protected. However, no method of transmission over the Internet or electronic storage is one hundred percent secure. Therefore we cannot guarantee its absolute security. Bill.com is a U.S.-based corporation, and all storage and processing of data occurs in the US.

Best-in-Class Data Security. At Bill.com, we follow these practices:

Extended Validation (EV) SSL encryption technology designed to achieve privacy of communications between your browser and the Bill.com service.

Firewalls that aim to prevent unauthorized electronic access to servers

Production servers in a high-security locked facility with biometric access controls to protect against unauthorized physical access to servers

We will make any legally required disclosures of any breach of the security, confidentiality, integrity or availability of your information. Such disclosures will be made to you via email or conspicuous posting on this Site without unreasonable delay, insofar as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

Passwords. When you sign up for Bill.com, you provide an email address and password to access our website. You can help protect your information by using a strong password, keeping your password secret and by changing it from time to time. See https://answers.bill.com/app/answers/detail/a_id/1485 for some tips on choosing and maintaining a strong password.

Contact Us

You can reach Bill.com Customer Support by telephone at 1.866.989.BILL (2455), by email at support@hq.bill.com, or by mail at 1810 Embarcadero, Palo Alto, California 94303.